I was recently a guest alongside my co-author, Michael Bazzell on the Social-Engineer podcast (the episode will be be available tomorrow). We discussed social engineering for security and privacy reasons. Since being on the show I have thought more about social engineering than at any time since I attended Chris Hadnagy’s SE course back in 2013. One realization I’ve had is that social engineering attacks commonly begin with a starting point. An email address to which the attacker can send phishing emails. A phone number she can use to hack your cell account. A username she can use to call customer service and request access. Along this line of thought, it has also occured to me that it is never a bad time to restress the importance of usernames as a security measure. Continue reading “Usernames as a Security Measure”